CN110264182B - Electronic certificate management system - Google Patents


Info

Publication number
CN110264182B
Authority
CN
China
Prior art keywords
mobile device
locking device
identifier
control system
payload
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910500679.3A
Other languages
Chinese (zh)
Other versions
CN110264182A (en)
Inventor
托德·埃贝温
杰弗里·斯科特·尼弗赛
乔恩·P·托尔
唐纳德·利·贝尼
哈米德·阿布哈希姆
米歇尔·维克凯艾
安德鲁·奥利弗
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Schlage Lock Co LLC
Original Assignee
Schlage Lock Co LLC

Classifications

    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821 Electronic credentials
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • G07C9/00309 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C9/00571 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • G07C9/00817 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the lock can be programmed
    • G07C9/00857 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04W12/041 Key generation or derivation
    • H04W12/068 Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • H04W12/082 Access security using revocation of authorisation
    • G07C2009/00412 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal being encrypted
    • G07C2009/00825 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the lock can be programmed remotely by lines or wireless communication
    • G07C2009/00865 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed remotely by wireless communication
    • G07C2009/0088 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed centrally

Abstract

A system and method for managing electronic credentials stored on a mobile device. The system may use a diversification key to encrypt information provided to the locking device and the access control system. The diversification key may be generated by supplying a master key and a component identifier such as, for example, a mobile device identifier to a diversification algorithm. The mobile device may be a conduit for communication of information between the access control system and the locking device. The mobile device may not be able to decrypt information that has been encrypted with the diversification key. Embodiments also provide for registering a managing mobile device using an access control system, distributing and revoking credential identifiers for user mobile devices, and removing a managing mobile device registered using a locking device.

Description

Electronic certificate management system
This application is a divisional of application No. 201580039657.1, entitled "Electronic certificate management system", filed on June 2, 2015.
Cross Reference to Related Applications
The present application claims the benefit of U.S. provisional patent application No.62/006,836, filed on 2.6.2014, the contents of which are incorporated herein by reference in their entirety.
Background
Embodiments of the present application generally relate to electronic credential management for locking systems. More particularly, embodiments of the present application relate to secure distribution and management of electronic credentials.
Credentials used to manage the operation of a locking system are typically physical in nature, such as, for example, at least a portion of a card, key card, token, or mobile device to be read at the locking device. Thus, current credential systems typically require that interactions between the credential and the locking device occur at or at least near the locking device. For example, when interaction between a credential and a locking device is desired, a user may need to swipe a card containing the credential through a card reader associated with the locking device or present the credential in proximity to the card reader.
Similarly, when new credentials are added to a locking system, the credentials typically need to be received by and/or owned by the user. The user may then need to manually add the credentials to the system, such as, for example, by presenting the physical form of the credentials at the actual location of each locking device in the locking system to be associated with the credentials. Using physical credentials presented at the location of one or more locking devices, the credentials may be manually added to the access control portion of the locking device.
Disclosure of Invention
One aspect of the invention relates to a method for credential management that includes inputting a master key and a mobile device identifier into a diversification algorithm to generate a diversification key, the mobile device identifier including information identifying a mobile device. In addition, a control system payload is encrypted using the diversification key, the control system payload including at least one or more unique credential identifiers. The access control system may communicate the encrypted control system payload to the mobile device. In addition, the locking device receives the encrypted control system payload from the mobile device and may retrieve the master key from the memory of the locking device. The locking device may also decrypt the encrypted control system payload using the retrieved master key and the mobile device identifier.
Another aspect of the invention relates to a method for managing a system that includes receiving, by an access control system, a mobile device identifier from a mobile device. The mobile device identifier and the master key are applied to a diversification algorithm to generate a diversification key, which is used to encrypt a mobile device payload that includes one or more credential identifiers. In addition, the one or more credential identifiers may include information regarding a permission level of the mobile device. The access control system may communicate the encrypted mobile device payload to the mobile device. Further, the locking device may receive the encrypted mobile device payload from the mobile device. The locking device may also decrypt the encrypted mobile device payload and extract the one or more credential identifiers from the decrypted mobile device payload. In addition, the locking device may identify a permission level of the mobile device using the extracted one or more credential identifiers and use the identified permission level to determine whether the mobile device has permission to complete the action.
Furthermore, one aspect of the invention relates to a method for revoking one or more credential identifiers stored on a mobile device. The method includes transmitting, by an access control system, a first credential identifier for storage on a mobile device. An encrypted revocation request payload may also be received by the locking device, the encrypted revocation request payload including a second credential identifier associated with the first credential identifier. The locking device may decrypt the encrypted revocation request payload and extract the second credential identifier from the decrypted revocation request payload. The locking device may also identify the second credential identifier as a revoked identifier. Additionally, the locking device may receive a transmission from the mobile device including the first credential identifier. The locking device may further identify whether the received first credential identifier is associated with a revoked identifier.
Another aspect of the invention relates to a method for revoking a credential identifier stored on a mobile device, the method comprising transmitting, by an access control system, the credential identifier for storage on the mobile device, and sending, by the access control system, a revocation request to the mobile device. The revocation request may request that the stored credential identifier be removed from the mobile device. The method may also include the access control system receiving a notification that the stored credential identifier has been removed from the mobile device.
Another aspect of the invention relates to a method for removing a management mobile device from a registered locking device that includes informing an access control system that a first management mobile device is being removed from the access control system. In addition, the replacement management mobile device may be registered using the access control system, and the field device reset may be performed on the registered lock device of the credential management system. An encrypted lock device payload may be received by the access control system, the encrypted lock device payload including a replacement field device reset identifier. The access control system may extract the replacement field device reset identifier from the encrypted locking device payload and communicate the extracted replacement field device reset identifier to one or more user mobile devices to be used with the registered locking device.
Other aspects of the invention will become apparent by consideration of the detailed description and accompanying drawings.
Drawings
Fig. 1 shows a schematic diagram of an exemplary system including one or more mobile devices, one or more locking devices, and an access control system according to an illustrative embodiment of the invention.
Fig. 2A shows a flowchart of an exemplary process for registering a management mobile device and a locking device using an access control system in accordance with an illustrative embodiment of the present invention.
Fig. 2B shows a schematic representation of generating a diversification key using a diversification algorithm, a master key, and identifiers of a managing mobile device, a user mobile device, and/or a locking device.
Fig. 3 shows a flowchart of an exemplary process for creating and distributing credential identifiers to user mobile devices in accordance with an illustrative embodiment of the invention.
Fig. 4 shows a flowchart of an exemplary process for manually revoking one or more credential identifiers for a user mobile device in accordance with an illustrative embodiment of the present invention.
Fig. 5 shows a flowchart of an exemplary process for automatically revoking one or more credential identifiers for a user mobile device in accordance with an illustrative embodiment of the present invention.
Fig. 6 shows a flowchart of an exemplary process for removing a managing mobile device from a registered locking device in accordance with an illustrative embodiment of the invention.
The foregoing summary, as well as the following detailed description of certain embodiments of the present invention, will be better understood when read in conjunction with the appended drawings. For the purpose of illustrating the invention, certain embodiments are shown in the drawings. It should be understood, however, that the invention is not limited to the arrangements and instrumentalities shown in the attached drawings.
Detailed Description
Fig. 1 shows a schematic diagram of an exemplary system 100 including one or more mobile devices 102, one or more locking devices 104, and an access control system 106, according to an illustrative embodiment of the invention. Various mobile devices 102 may be utilized including, for example, mobile phones, smart phones, tablets, personal computing devices, and/or special purpose hand held devices, among others. According to the illustrated embodiment, the mobile device 102 may have one or more transceivers 108 for communicating data with other devices including the locking device 104 and the access control system 106. In addition, a variety of different types of transceivers 108 may be used, including, for example, active and passive transceivers that may communicate via bluetooth (including bluetooth low energy) and/or WiFi. The mobile device 102 may also include an input/output device 110 such as, for example, a keyboard, display, and/or touch screen, among other input/output devices. In addition, the mobile device 102 may include one or more different processing devices 112, such as, for example, programmable, dedicated, and/or hardwired state machine type processors, and any combination thereof. For example, according to some embodiments, the processing device 112 may include a plurality of processors and may be of a programmable variety that execute algorithms and process data according to operating logic 114 defined by programming instructions (such as software or firmware) stored in memory 116.
As discussed in further detail below, in the illustrated embodiment, the managing mobile device 102a may be granted permissions, or a level of permissions, related to administrative tasks for managing and/or configuring the locking device 104 of the system 100, while the user mobile device 102b may be configured for general use of the locking device 104, such as, for example, at least daily routine operation or use of the locking device 104.
The locking device 104 may be a lock, a reader device, a payment terminal, and/or any other type of device that may communicate with the mobile device 102. For example, in the embodiment shown in fig. 1, locking device 104 is an electronic lock device having one or more transceivers 118, a processing device 120, a memory 122, a reader 124, and a locking mechanism 126 (such as, for example, bolts and/or latches). The memory 122 may or may not be part of the processing device 120. The mobile device 102 and the locking device 104 may be adapted to communicate with each other using one or more of a variety of different wireless communication technologies. For example, according to some embodiments, the locking device 104 may have a transceiver 118 that allows bluetooth low energy communication between the mobile device 102 and the locking device 104. Further, according to some embodiments, mobile device 102 and locking device 104 may communicate via NFC and/or WiFi (such as WiFi Direct).
Various different types of processing devices may be employed for the processing device 120 of the locking device 104, such as, for example, programmable, dedicated, and/or hardwired state machines, or any combination thereof. The processing device 120 may also include a plurality of processors, such as, for example, an Arithmetic Logic Unit (ALU), a Central Processing Unit (CPU), a Digital Signal Processor (DSP), and the like. Processing device 120 having multiple processing units may also utilize distributed, pipelined, and/or parallel processing. The processing device 120 may also be dedicated to performing only the operations described herein, or may be utilized in one or more additional applications. In the depicted form, the processing device 120 has a programmable variety that executes algorithms and processes data in accordance with operating logic 128 as defined by programming instructions (such as software or firmware) stored in the memory 122 of the locking device 104. Alternatively or additionally, the operational logic 128 is defined at least in part by hardwired logic or other hardware. The processing device 120 may include any type of one or more components adapted to process signals received from an input/output device 130 of the locking device 104 (such as, for example, a keyboard, reader 124, or elsewhere) and provide a desired output signal. Such components may include digital circuitry, analog circuitry, or a combination of both.
The memory 122 of the locking device 104 may be included in the processing device 120 and/or coupled to the processing device 120. Further, the memory 122 may be of one or more types, such as a solid state variety, an electromagnetic variety, an optical variety, or a combination of these forms. Additionally, the memory 122 may be volatile, non-volatile, or a combination of these types, and some or all of the memory 122 may be portable items such as magnetic disks, magnetic tape, memory sticks, cartridges, and the like. Additionally, according to some embodiments, the memory 122 may store data manipulated by the operating logic 128 of the processing device 120, such as data representing signals received from the input/output device 130 and/or transmitted to the input/output device 130, or alternatively store programming instructions defining the operating logic 128.
Access control system 106 may include one or more servers 132 that may communicate with mobile device 102 and/or locking device 104 in a number of different manners, including, for example, via the internet, a cellular data network, or any combination thereof, such as, for example, cloud-based servers and/or network-based servers. Furthermore, according to some embodiments, a different server 132 may be used for different purposes, such as, for example, a cloud-based server 132a for installing, maintaining, and/or managing access control systems 106, locking devices 104, and/or mobile devices 102 or associated therewith, and another different server 132b, such as, for example, a network-based server for other purposes (such as, for example, general daily use and/or operation of locking devices 104). The access control system 106 may also include one or more databases 134 or other recording systems. Various different types of databases 134 and combinations of types of databases 134 may be utilized. For example, one or more servers 132 may include and/or be in operative communication with an auxiliary database 134a, such as an auxiliary database 134b for a manufacturer, producer, and/or assembler of locking device 104, for example.
Fig. 2A shows a flowchart of an exemplary process 200 for registering a managing mobile device 102a and a locking device 104 using an access control system 106, according to an illustrative embodiment of the invention. At step 202, the managing mobile device 102a connects to the access control system 106, such as, for example, by connecting to the server 132, such that communications may be transmitted between and received by the managing mobile device 102a and the access control system 106. At step 204, the user may register or access a registered user account using access control system 106. For example, a user of the managing mobile device 102a may input various different types of information to the access control system 106, including, for example, information related to the user or related institution, the managing mobile device 102a, and/or one or more locking devices 104 associated with the user/institution, among other information. The access control system 106 may then register the user associated with the registered user account and/or the managing mobile device 102a. At step 206, the access control system 106 transmits the control system payload to the managing mobile device 102a. The control system payload may contain a variety of different types of information, such as, for example, one or more unique credential identifiers, access permissions, and/or configuration permissions. In addition, the access control system 106 may encrypt the control system payload using the management diversification key. As shown in Fig. 2B, according to some embodiments, the management diversification key may be generated by applying to the diversification algorithm at least a master key, which may be known to the access control system 106 and the locking device 104 but not to the managing mobile device 102a, and a managing mobile device identifier, such as, for example, a serial number, a production code, a product number, and/or a Universally Unique Identifier (UUID), among other identifiers of the managing mobile device. Further, as discussed below, a diversification key for other components of the system 100 may also be generated in a similar manner, such as, for example, by supplying a master key and an identifier associated with a particular component (such as, for example, the mobile device 102 or the locking device 104) to a diversification algorithm to generate an associated diversification key. At step 208, the managing mobile device 102a receives the transmitted control system payload.
Once the managing mobile device 102a is registered using the access control system 106, the managing mobile device 102a may be presented to the locking device 104. Thus, at step 210, the locking device 104 may be placed in a registration mode, such as, for example, upon receipt of a communication by the processing device 120 of the locking device 104, such as, for example, a code entered on a keypad of the input/output device 130, data identified by a card reader of the locking device 104, a registration credential, or a communication from the managing mobile device 102a to the transceiver 118 of the locking device 104. It is contemplated that various operations may occur in connection with the locking device 104 being placed in a registration mode, such as, for example, the locking device 104 authenticating information it has received before it may enter registration mode. At step 212, where the locking device 104 is in the registration mode and a connection between the locking device 104 and the managing mobile device 102a is established, the managing mobile device 102a may be used to transfer the encrypted control system payload from the managing mobile device 102a to the locking device 104.
At step 214, the locking device 104 will attempt to decrypt the received control system payload using the master key and/or managing mobile device identifier contained in the memory 122. If the locking device 104 is unable to decrypt the control system payload, at step 216, the connection between the locking device 104 and the managing mobile device 102a is terminated. However, if the locking device 104 is able to decrypt the control system payload, at step 218, the locking device 104 sends the locking device payload to the managing mobile device 102a. The locking device payload may include various information such as, for example, a field device reset identifier and one or more locking device identifiers such as, for example, a locking device UUID, serial number, and/or production code, among other types of identifiers. In addition, the locking device payload may also be encrypted using the management diversification key. At step 220, the managing mobile device 102a receives the transmitted encrypted locking device payload from the locking device 104. According to some embodiments, the managing mobile device 102a may then control the locking device 104 via access and configuration permissions provided by the access control system 106.
At step 222, the managing mobile device 102a may transmit the locking device payload information to the access control system 106. At step 224, the access control system 106 may register, record, or store information received from the transmitted lock device payload. Such registration may associate received information from the locking device payload with an associated registered user account and/or locking device 104. For example, according to some embodiments, the access control system 106 may register information from the lock device payload in the database 134, such as, for example, one or more lock device identifiers, such as, for example, a field device reset identifier. Additionally, the registration of information may include recording the information in one or more databases 134a, 134b of, or operatively accessible to, one or more servers 132 of the access control system 106.
By using the diversification algorithm to generate and use the diversification keys in the manner described herein, information encrypted within the payloads communicated between locking device 104 and access control system 106 may not be accessible by mobile device 102. Additionally, including an identifier associated with at least the mobile device 102 in generating the diversified key may preclude and/or reduce the likelihood of the security of the system 100 being compromised by a replay attack.
Fig. 3 shows a flowchart of an exemplary process 300 for creating and distributing credential identifiers to a user mobile device 102b in accordance with an illustrative embodiment of the invention. The credential identifier for the user mobile device 102b may be generated in a variety of ways, including, for example, by use of the application 136 on the managing mobile device 102a, or by accessing the access control system 106 via a web portal. For example, an application 136 that may be installed on the managing mobile device 102a may process, receive, and/or store data relating to/from the access control system 106, the managing mobile device 102a, the user mobile device 102b, and/or the locking device 104. For example, according to some embodiments, the application 128 may be used in conjunction with communicating information, such as, for example, encrypted security and/or authentication information or data, to/from the access control system 106 and the locking device 104 via the managing mobile device 102a. Further, as discussed above, the application 136, and thus the managing mobile device 102a, may not be configured to at least decrypt information that is encrypted using the diversified key and communicated by the managing mobile device 102a. Further, credential identifiers for the user mobile device 102b and for the managing mobile device 102a may be stored on the mobile devices 102a, 102b, such as, for example, by the application 136.
According to the illustrated embodiment, at step 302, an application 136 or web portal may be used to establish an operable connection with the access control system 106. Using this connection, information regarding the establishment of a new credential identifier for the user of the system 100 may be transmitted to the access control system 106 at step 304. Various different types of information may be provided and/or selected for the new credential identifier, including, for example, a selection of a permission level or authorization to be given for the new credential. Various different permission levels may be provided for selection, such as, for example, simple access, one-time access, the ability to request other new credential identifiers, and/or the ability to configure one or more locking devices 104, among other permissions. In addition, the access control system 106 may be provided with identification information related to the user mobile device 102b and/or an associated user, such as, for example, contact information (such as a telephone number or email address associated with the user and/or the user mobile device 102b) and other information.
At step 306, an invitation from the access control system 106 and/or the administrative mobile device 102a to join the system 100 may be transmitted to the user mobile device 102b. According to some embodiments, the invitation may be transmitted to a telephone number or email address associated with the user and/or the user's mobile device 102b. The invitation may include various information including, for example, an invitation to download the application 136 onto the user mobile device 102b and/or to register with the access control system 106. If the user chooses to join the system 100, at step 308, the application 136 may be downloaded to the user mobile device 102b and the user may be registered in the access control system 106. At step 310, the access control system 106 may receive a user mobile device identifier, such as, for example, a serial number, a production code, a product number, and/or a Universally Unique Identifier (UUID) for the user mobile device 102b, among other identifiers. According to some embodiments, the user mobile device identifier may be transmitted to the access control system 106 during the registration process at step 308.
At step 312, the access control system 106 may encrypt the user mobile device payload. For example, according to some embodiments, the access control system 106 may encrypt the user mobile device payload using the master key and the user mobile device identifier. Further, according to some embodiments, the access control system 106 may encrypt the user mobile device payload using the master key, the user mobile device identifier, and the diversification algorithm to generate the user diversification key. The encrypted user mobile device payload may include various information including, for example, one or more user mobile device identifiers and other information needed for user mobile device 102b to operate with locking device 104, including, for example, information indicating a permission level assigned to user mobile device 102b, a credential identifier, a lock identifier, and/or a field device reset identifier, among other information. Further, according to the illustrated embodiment, the encrypted user mobile device payload may be stored on the user mobile device 102b, allowing the associated credential identifier to be stored in the user mobile device 102b.
At step 314, the user mobile device 102b may establish a connection with the locking device 104. Using the established connection, the user mobile device 102b may transmit a user mobile device payload to the locking device 104 at step 316.
Using the master key and/or one or more mobile device identifiers contained in memory 122, locking device 104 will attempt to decrypt the received user mobile device payload, such as, for example, decrypting the user mobile device payload that has been encrypted using the user diversified key, at step 318. If the locking device 104 is unable to decrypt the user mobile device payload, the locking device 104 may deny the user mobile device 102b access to the locking device 104 and/or the connection between the locking device 104 and the user mobile device 102b may be terminated at step 320. However, if the locking device 104 is able to decrypt the user mobile device payload, the user mobile device 102b is authorized to communicate with the locking device 104 in accordance with some embodiments.
If the locking device 104 is capable of decrypting the user mobile device payload, the locking device 104 may compare the information encrypted in the user mobile device payload with information stored in the locking device 104 or accessible to the locking device 104 (including information or data stored in the memory 122 of the locking device 104) at step 322. For example, the locking device 104 may compare one or more locking device identifiers that have been encrypted in the user mobile device payload with similar types of locking device identifiers stored in the memory 122 of the locking device 104. If the comparison indicates that the locking device identifier from the decrypted user mobile device payload is not the same, similar, and/or related to the locking device identifier stored in the memory 122 of the locking device 104, the locking device 104 may terminate communication with the user mobile device 102b and/or deny the user mobile device 102b access to the locking device 104 at step 324.
If the locking device identifier in the decrypted user mobile device payload is the same as, similar to, and/or related to the locking device identifier stored in the memory 122 of the locking device 104, then at step 326, the locking device 104 may compare other information from the decrypted user mobile device payload to information stored in the locking device 104 or accessible to the locking device 104, such as, for example, comparing a field device reset identifier from the user mobile device payload to a field device reset identifier stored by the locking device 104. In such examples, if the compared field device reset identifiers are not the same, similar, and/or related, at step 328, the locking device 104 may terminate communication with the user mobile device 102b and/or deny the user mobile device 102b access to the locking device 104. Further, such a comparison between field device reset identifiers may provide a level of security in the event that the management mobile device 102a is lost or changed, as performing a field device reset will change the field device reset identifier on the locking device 104.
However, if the one or more comparisons performed at step 322 indicate that the information or data being compared is the same, similar, and/or related, then at step 330, the locking device 104 may evaluate the permission level of the user mobile device 102b contained in the encrypted user mobile device payload and verify that the user mobile device 102b has permission or authority to complete the action that the user mobile device 102b is attempting to complete. If the user mobile device 102b does not have permission or authority to complete the action, the locking device 104 may terminate communication with the user mobile device 102b and/or deny the user mobile device 102b access to the locking device 104 at step 332. However, if the locking device 104 determines that the user mobile device 102b is authorized to do so, then at step 334, communication between the locking device 104 and the user mobile device 102b may continue as needed to complete the authorized action.
Fig. 4 shows a flowchart of an exemplary process 400 for manually revoking one or more credential identifiers for a user mobile device 102b in accordance with an illustrative embodiment of the invention. At step 402, the managing mobile device 102a may make a determination or be instructed that the user mobile device 102b is no longer allowed to access the locking device 104. At step 404, a request to revoke the current credential identifier of the user mobile device 102b is generated. The revocation request may be generated in a number of different ways. For example, according to some embodiments, the request may be generated by use of an application on the managing mobile device 102a or via a web portal connection to the access control system 106.
At step 406, a command to revoke the credential identifier of the user mobile apparatus 102b is transmitted to the user mobile apparatus 102b. According to some embodiments, the revocation command may be generated by the access control system 106, the managing mobile device 102a, or a combination thereof, and transmitted to the user mobile device 102b. According to some embodiments, the revocation command may be sent to one or more email addresses or one or more phone numbers associated with the user mobile device 102b.
At step 408, the access control system 106 may transmit the revocation response payload to the managing mobile device 102a. According to some embodiments, the access control system 106 may send the revocation response payload to the managing mobile device 102a whether or not a response has been received from the user mobile device 102b. The revocation response payload may contain various information such as, for example, a credential identifier to be revoked along with information necessary for communicating with the locking device 104, as well as other information. In addition, the revocation response payload may be encrypted, such as via the use of a management diversification key that may be generated by supplying the master key and one or more management mobile device identifiers from the access control system 106 to a diversification algorithm, for example.
At step 410, the managing mobile device 102a may transmit the revocation response payload to the locking device 104. According to some embodiments, the revocation response payload may be communicated to the locking device 104 upon establishment of the next subsequent communication between the managing mobile device 102a and the locking device 104. At step 412, the locking device 104 may decrypt the revocation response payload, for example, in a manner similar to those previously discussed. Upon determining that the revoked credential identifier is intended to be at least partially associated with the locking device 104 that received the revocation response payload, the locking device 104 will identify the credential identifier as revoked, at step 414. For example, according to some embodiments, the locking device 104 may assign a revoked credential identifier to a record or list of revoked credential identifiers, or assign a revoked state to a credential identifier.
When the user mobile device 102b subsequently attempts to access the locking device 104 using, at least in part, the revoked credential identifier and the locking device 104 decrypts the payload and determines that the credential identifier is for that particular locking device 104, the locking device 104 will check, at step 416, whether the credential identifier for that user mobile device 102b has been listed, specified, and/or recorded by the locking device 104 as having a revoked status. For example, according to some embodiments, the locking device 104 may access a list of revoked credential identifiers stored by the locking device 104, e.g., in the memory 122 of the locking device 104, and determine whether the credential identifier is present on a record or list of revoked credential identifiers. If the locking device 104 recognizes that the presented credential identifier is a revoked credential identifier, the locking device 104 will deny the mobile device 102 access to the locking device 104 at step 418. Additionally, at step 420, the locking device 104 may send a command to the application 136 on the user mobile device 102b to remove the credential identifier. At step 422, the application 136 may proceed to remove the credential identifier from the user mobile device 102b. The application 136 on the user mobile device 102b may also generate a notification sent by the user mobile device 102b to inform the access control system 106 and/or the application 136 on the managing mobile device 102a that the credential identifier has been removed from the user mobile device 102b.
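The lock-side checks of steps 318 to 334, together with the revocation-list lookup of steps 416 to 418, sketched as an added Go example; it is not code from the patent or from any product. HMAC-SHA256 as the diversification algorithm, AES-256-GCM as the payload cipher, the JSON payload layout, the permission bitmask and all identifiers are assumptions of the example, since the description names none of them.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

const PermAccess, PermConfigure = 1, 2 // assumed bitmask for the permission level

var (
	ErrDecrypt    = errors.New("payload did not decrypt (step 320)")
	ErrLockID     = errors.New("locking device identifier mismatch (step 324)")
	ErrResetID    = errors.New("field device reset identifier mismatch (step 328)")
	ErrPermission = errors.New("permission level insufficient (step 332)")
	ErrRevoked    = errors.New("credential identifier is revoked (step 418)")
)

// Payload holds fields the description lists for the user mobile device payload.
type Payload struct {
	DeviceID, CredentialID, LockID string
	ResetID                        uint32
	Permission                     int
}

// Lock is the state kept in the locking device's memory, revocation list included.
type Lock struct {
	Master  []byte
	LockID  string
	ResetID uint32
	Revoked map[string]bool
}

// aeadFor keys AES-256-GCM with HMAC-SHA256(master, deviceID), the assumed diversified key.
func aeadFor(master []byte, deviceID string) (cipher.AEAD, error) {
	mac := hmac.New(sha256.New, master)
	mac.Write([]byte(deviceID))
	block, err := aes.NewCipher(mac.Sum(nil))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is the access control system side (step 312): nonce || ciphertext || tag.
func Seal(master []byte, p Payload) ([]byte, error) {
	gcm, err := aeadFor(master, p.DeviceID)
	if err != nil {
		return nil, err
	}
	plain, _ := json.Marshal(p) // cannot fail: strings and integers only
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plain, nil), nil
}

// Authorize runs the lock-side checks in the order of steps 318 to 334 and 416.
func (l *Lock) Authorize(deviceID string, blob []byte, needed int) (*Payload, error) {
	gcm, err := aeadFor(l.Master, deviceID)
	if err != nil || len(blob) < gcm.NonceSize() {
		return nil, ErrDecrypt
	}
	n := gcm.NonceSize()
	plain, err := gcm.Open(nil, blob[:n], blob[n:], nil) // fails on wrong key or altered bytes
	var p Payload
	if err != nil || json.Unmarshal(plain, &p) != nil {
		return nil, ErrDecrypt
	}
	switch {
	case p.LockID != l.LockID:
		return nil, ErrLockID
	case p.ResetID != l.ResetID:
		return nil, ErrResetID
	case l.Revoked[p.CredentialID]:
		return nil, ErrRevoked
	case p.Permission&needed != needed:
		return nil, ErrPermission
	}
	return &p, nil
}

// Demo presents one constructed payload before and after its credential is revoked.
func Demo() string {
	lock := &Lock{[]byte("constructed master key"), "LOCK-A", 7, map[string]bool{}}
	blob, _ := Seal(lock.Master, Payload{"phone-b", "cred-42", "LOCK-A", 7, PermAccess})
	_, before := lock.Authorize("phone-b", blob, PermAccess)
	lock.Revoked["cred-42"] = true
	_, after := lock.Authorize("phone-b", blob, PermAccess)
	return fmt.Sprintf("before revocation: %v; after: %v", before, after)
}

func main() { fmt.Println(Demo()) }
```

Because the payload is opened under a key derived from the presenting device's identifier, a payload sealed for one identifier fails at the decrypt step when presented under another, and incrementing `ResetID` on the lock rejects every previously issued payload without touching the revocation list.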
Fig. 5 shows a flowchart of an exemplary process 500 for automatically revoking one or more credential identifiers for a user mobile device 102b, in accordance with an illustrative embodiment of the present invention. At step 502, the administrative mobile device 102a may make a determination or be instructed that the user mobile device 102b is no longer allowed to access the locking device 104. At step 504, a request to revoke the current credential identifier of the user mobile device 102b is generated. The revocation request may be generated in a number of different ways. For example, according to some embodiments, the request may be generated by use of an application on the managing mobile device 102a or via a web portal connection to the access control system 106.
At step 506, a command to revoke the credential identifier of the user mobile apparatus 102b is transmitted to the user mobile apparatus 102b. According to some embodiments, the revocation command may be generated by the access control system 106, the managing mobile device 102a, or a combination thereof, and transmitted to the user mobile device 102b. According to some embodiments, the revocation command may be sent to one or more email addresses or one or more phone numbers associated with the user mobile device 102b.
At step 508, upon receipt of the revocation command, the application 136 on the user mobile device 102b may remove the credential identifier from the user mobile device 102b. For example, according to some embodiments, the application 136 on the user mobile device 102b may permanently remove the credential identifier from the user mobile device 102b. At step 510, the application 136 on the user mobile device 102b may then generate a communication provided to the access control system 106 and/or the administrative mobile device 102a that provides notification or verification that one or more credential identifiers have been removed from the user mobile device 102b. Such notifications may be sent to access control system 106 at various times, including, for example, upon completion of removal of the credential identifier from user mobile device 102b, and/or upon occurrence of a first opportunity to send a notification. For example, if the user mobile device 102b is powered off before sending the notification, the notification may be sent when the user mobile device 102b is powered back up.
After removing the one or more credential identifiers, if the user mobile device 102b attempts to communicate with the locking device 104, the user mobile device 102b may not be able to communicate the payload information that the locking device 104 will desire. Thus, the user mobile device 102b may receive a refusal response from the locking device 104 or the connection will timeout.
According to some embodiments, the exemplary manual and automatic processes 400, 500 for revoking credential identifiers discussed above may be run in parallel or in series. For example, according to some embodiments, if the automated process 500 cannot result in revocation of a credential identifier, the manual process 400 may be used, and vice versa. According to other embodiments, both manual and automated processes 400, 500 may be used in parallel as further attempts to prevent security vulnerabilities.
Fig. 6 shows a flowchart of an exemplary process 600 for removing a managed mobile device 102a from a registered locking device 104, according to an illustrative embodiment of the invention. According to some embodiments, a field device reset may be performed on one or more of the locking devices 104, which may in turn allow for changes as to which mobile device 102 is to become the managing mobile device 102a registered with the locking device 104. Furthermore, the use of a field device reset may allow for a change of which mobile devices 102 are management mobile devices 102a without requiring the presence of an existing management mobile device 102a, thereby allowing for such a change in the event that the current management mobile device 102a is lost or inoperable. Additionally, when a field device reset is performed, the field device reset identifier is modified in a known manner and any previously stored credential identifier or identifiers may be removed from the locking device 104.
As shown in fig. 1, the field device reset and designating another mobile device 102 as the managing mobile device 102c may be performed in a number of different ways. For example, according to the illustrated embodiment, at step 602, the access control system 106 may be notified that the managing mobile device 102a is being removed from the system 100, such as, for example, due to the managing mobile device 102a being lost or inoperable. At step 604, a field device reset may be performed, such as, for example, at the locking device 104, which may then remove the credential identifier from the locking device 104 and modify the field device reset identifier. Thus, the locking device 104 may not be able to operate via the user mobile device 102b because the new field device reset identifier of the locking device 104 may not match or be similar to the one or more credential identifiers stored on the user mobile device 102b. For at least similar reasons, in the event that a lost or inoperable management mobile device 102a becomes available, the management mobile device 102a may not be able to be used with the locking device 104.
At step 606, the mobile device 102 that will become the replacement management mobile device 102c is connected to the access control system 106 and registered using the access control system 106, and is then associated with the management mobile device 102c. According to some embodiments, the process for registering a replacement management mobile device 102c may be similar to the exemplary process 200 discussed above with respect to fig. 2A. At step 608, the replacement management mobile device 102c may be presented to the locking device 104 and may transmit the replacement control system payload that has been encrypted by the replacement management mobile device diversified key generated using the master key, the replacement management mobile device identifier, and the diversification algorithm.
At step 610, the locking device 104 will attempt to decrypt the received replacement control system payload using the master key and the replacement management mobile device identifier contained in the memory 122. If the locking device 104 is unable to decrypt the control system payload, then at step 612, the connection between the locking device 104 and the replacement management mobile device 102c is terminated. However, if the locking device 104 is able to decrypt the replacement control system payload, at step 614, the locking device 104 transmits the locking device payload to the replacement management mobile device 102c, which is then received by the replacement management mobile device 102c. The locking device payload may again include various information such as a replacement field device reset identifier and one or more locking device identifiers. In addition, the lock device payload may also be encrypted using a replacement management diversified key. According to some embodiments, the replacement management mobile device 102c may then have control of the locking device via access and configuration permissions provided by the access control system 106.
At step 616, the replacement management mobile device 102c may communicate the encrypted lock device payload to the access control system 106. According to some embodiments, the access control system 106 may then confirm the update, such as, for example, by transmitting an update reply notification to the replacement management mobile device 102c and/or the locking device 104. At step 618, using the access control system 106, the user associated with the registered user account may indicate or identify which distributed credential identifiers are to be updated, such as, for example, which user mobile devices 102b are to receive the updated credential identifiers. At step 620, the access control system 106 may then transmit an updated credential identifier, which may include the updated field device reset identifier, to the user mobile device 102b, which user mobile device 102b is registered for use with one or more locking devices 104 and/or a particular locking device 104.
Various features and advantages of the invention are set forth in the following claims. In addition, variations and modifications to the embodiments described herein will be readily apparent to those skilled in the art, and such variations and modifications may be made without departing from the spirit and scope of the invention and without diminishing its intended advantages. While the invention has been illustrated and described in detail in the drawings and foregoing description, the same is to be considered as illustrative and not restrictive in character, it being understood that only selected embodiments have been shown and described and that all changes, equivalents, and modifications that come within the scope of the invention described herein or defined by the following claims are desired to be protected. Furthermore, the steps shown herein are understood to be merely exemplary, and steps may be combined or divided, and added or removed, and reordered in whole or in part.
While the invention has been described with reference to certain embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted without departing from the scope of the invention. In addition, many modifications may be made to adapt a particular situation or material to the teachings of the invention without departing from its scope. Therefore, it is intended that the invention not be limited to the particular embodiment disclosed, but that the invention will include all embodiments falling within the scope of the appended claims.

Claims (11)

1. A method for revoking one or more credential identifiers stored on a mobile device, the method comprising:
transmitting, by an access control system, a first credential identifier for storage on the mobile device;
receiving, by a locking device, an encrypted revocation request payload, wherein the encrypted revocation request payload includes a second credential identifier that is associated with the first credential identifier;
decrypting, by the locking device, the encrypted revocation request payload;
extracting, by the locking device, the second credential identifier from the decrypted encrypted revocation request payload;
identifying, by the locking device, the second credential identifier as a revoked identifier;
receiving, by the locking device, a transmission from the mobile device including the first credential identifier; and
identifying, by the locking device, whether the received first credential identifier is associated with the revoked identifier.
2. The method of claim 1, further comprising the step of: if the identifying step indicates that the first credential identifier is associated with the revoked identifier, terminating, by the locking device, the connection between the locking device and the mobile device.
3. The method of claim 1, further comprising the step of: a request is communicated by the locking device for the mobile device to remove the first credential identifier.
4. The method of claim 1, further comprising the step of: a mobile device for which the first credential identifier is to be revoked is identified to the access control system, and a revocation request is transmitted by the access control system to the mobile device, wherein the revocation request requests removal of the first credential identifier from the mobile device.
5. A method for removing a managed mobile device from a registered locking device, the method comprising:
notifying an access control system that a first administrative mobile device is being removed from the access control system;
registering a replacement management mobile device using the access control system;
performing a field device reset on the registered locking device;
receiving, by the access control system, an encrypted lock device payload, wherein the encrypted lock device payload includes a replacement field device reset identifier;
extracting, by the access control system, the replacement field device reset identifier from the encrypted lock device payload; and
the extracted replacement field device reset identifier is transmitted from the access control system to one or more user mobile devices to be used with the registered locking device.
6. The method of claim 5, further comprising the step of: one or more user mobile devices are identified that are to receive the replacement field device reset identifier.
7. The method of claim 6, further comprising the step of:
generating, by the access control system, a replacement management mobile device payload, wherein the replacement management mobile device payload includes a replacement management mobile device identifier;
encrypting the replacement management mobile device payload using a replacement management mobile device diversification key, wherein the replacement management mobile device diversification key is generated using a master key, the replacement management mobile device identifier, and a diversification algorithm; and
the encrypted replacement management mobile device payload is received by the registered locking device.
8. The method of claim 7, further comprising at least one of:
decrypting, by the registered locking device, the encrypted replacement management mobile device payload using at least the master key and the replacement management mobile device identifier; and
if the registered lock device cannot decrypt the encrypted replacement management mobile device payload using at least the master key and the replacement management mobile device identifier, terminating the connection between the registered lock device and the replacement management mobile device.
9. The method of claim 5, wherein performing a field device reset on a locking device automatically modifies the field device reset identifier and removes all credential identifiers stored on the registered locking device.
10. The method of claim 5, wherein performing a field device reset on a registered locking device comprises: all credential identifiers stored on the registered locking device are removed without interacting with the first managing mobile device.
11. The method of claim 5, wherein performing a field device reset on a registered locking device comprises: in response to determining that the first administrative mobile device has been lost or stolen, all credential identifiers stored on the registered locking device are removed.
CN201910500679.3A 2014-06-02 2015-06-02 Electronic certificate management system Active CN110264182B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910500679.3A CN110264182B (en) 2014-06-02 2015-06-02 Electronic certificate management system

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US201462006836P 2014-06-02 2014-06-02
US62/006,836 2014-06-02
PCT/US2015/033802 WO2015187707A1 (en) 2014-06-02 2015-06-02 Electronic credental management system
CN201910500679.3A CN110264182B (en) 2014-06-02 2015-06-02 Electronic certificate management system
CN201580039657.1A CN106662991B (en) 2014-06-02 2015-06-02 Electronic certificate management system

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN201580039657.1A Division CN106662991B (en) 2014-06-02 2015-06-02 Electronic certificate management system

Publications (2)

Publication Number Publication Date
CN110264182A CN110264182A (en) 2019-09-20
CN110264182B true CN110264182B (en) 2023-08-29

Family

ID=54703408

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201910500679.3A Active CN110264182B (en) 2014-06-02 2015-06-02 Electronic certificate management system
CN201580039657.1A Active CN106662991B (en) 2014-06-02 2015-06-02 Electronic certificate management system

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN201580039657.1A Active CN106662991B (en) 2014-06-02 2015-06-02 Electronic certificate management system

Country Status (6)

Country Link
US (2) US20150350913A1 (en)
EP (1) EP3149573A4 (en)
CN (2) CN110264182B (en)
CA (2) CA3030129C (en)
MX (2) MX2018016420A (en)
WO (1) WO2015187707A1 (en)

Families Citing this family (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013123079A1 (en) * 2012-02-13 2013-08-22 Xceedid Corporation Credential management system
CA3030129C (en) * 2014-06-02 2021-11-23 Schlage Lock Company Llc Electronic credential management system
CA2968550A1 (en) * 2014-12-02 2016-06-09 Carrier Corporation Remote programming for access control system with virtual card data
IN2015CH04016A (en) * 2015-08-03 2015-08-14 Varadharajan Marur Srikrishna
US11933076B2 (en) 2016-10-19 2024-03-19 Dormakaba Usa Inc. Electro-mechanical lock core
WO2019051337A1 (en) 2017-09-08 2019-03-14 Dormakaba Usa Inc. Electro-mechanical lock core
US11917070B2 (en) 2018-02-17 2024-02-27 Carrier Corporation Method and system for managing a multiplicity of credentials
KR102414927B1 (en) * 2018-03-21 2022-06-30 삼성전자 주식회사 Method and apparatus for authenticating a device using wireless local area network service
DE102018204367A1 (en) * 2018-03-22 2019-09-26 Siemens Schweiz Ag Method and system for authorizing the communication of a network node
US11716320B2 (en) * 2018-03-27 2023-08-01 Workday, Inc. Digital credentials for primary factor authentication
US11019053B2 (en) 2018-03-27 2021-05-25 Workday, Inc. Requesting credentials
US11698979B2 (en) * 2018-03-27 2023-07-11 Workday, Inc. Digital credentials for access to sensitive data
US11792180B2 (en) * 2018-03-27 2023-10-17 Workday, Inc. Digital credentials for visitor network access
US11627000B2 (en) * 2018-03-27 2023-04-11 Workday, Inc. Digital credentials for employee badging
US11770261B2 (en) 2018-03-27 2023-09-26 Workday, Inc. Digital credentials for user device authentication
US11792181B2 (en) * 2018-03-27 2023-10-17 Workday, Inc. Digital credentials as guest check-in for physical building access
US11683177B2 (en) * 2018-03-27 2023-06-20 Workday, Inc. Digital credentials for location aware check in
US11641278B2 (en) 2018-03-27 2023-05-02 Workday, Inc. Digital credential authentication
US11531783B2 (en) * 2018-03-27 2022-12-20 Workday, Inc. Digital credentials for step-up authentication
US11700117B2 (en) 2018-03-27 2023-07-11 Workday, Inc. System for credential storage and verification
US11522713B2 (en) * 2018-03-27 2022-12-06 Workday, Inc. Digital credentials for secondary factor authentication
CA3097041C (en) 2018-04-13 2022-10-25 Dormakaba Usa Inc. Electro-mechanical lock core
US11466473B2 (en) 2018-04-13 2022-10-11 Dormakaba Usa Inc Electro-mechanical lock core
US11144631B2 (en) 2018-09-11 2021-10-12 Apple Inc. Dynamic switching between pointer authentication regimes
US20210134092A1 (en) * 2019-10-30 2021-05-06 OpenKey, Inc. Universal Secure Mobile Device Entry Upgrade Electronics Unit for Electronic Locks and Method of Use Thereof

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103026682A (en) * 2010-06-16 2013-04-03 德尔斐系统有限公司 Wireless device enabled locking system
CN103473844A (en) * 2013-10-12 2013-12-25 东信和平科技股份有限公司 Intelligent control method and intelligent control system for public rental housing
CN103679884A (en) * 2013-12-02 2014-03-26 大连智慧城科技有限公司 Casual user authorization device and method for internet door control

Family Cites Families (55)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4677284A (en) * 1985-08-22 1987-06-30 Genest Leonard Joseph Multi-access security system
US4829296A (en) * 1986-04-30 1989-05-09 Carey S. Clark Electronic lock system
GB8705892D0 (en) * 1987-03-12 1987-04-15 Security Services Plc Keys
US5473318A (en) * 1992-01-10 1995-12-05 Active Control Technology Inc. Secure remote control system with receiver controlled to add and delete identity codes
US5397884A (en) * 1993-10-12 1995-03-14 Saliga; Thomas V. Electronic kay storing time-varying code segments generated by a central computer and operating with synchronized off-line locks
US5668876A (en) * 1994-06-24 1997-09-16 Telefonaktiebolaget Lm Ericsson User authentication method and apparatus
US5612683A (en) * 1994-08-26 1997-03-18 Trempala; Dohn J. Security key holder
US5909183A (en) * 1996-12-26 1999-06-01 Motorola, Inc. Interactive appliance remote controller, system and method
US5905446A (en) * 1997-03-24 1999-05-18 Diebold, Incorporated Electronic key system
US6308266B1 (en) * 1998-03-04 2001-10-23 Microsoft Corporation System and method for enabling different grades of cryptography strength in a product
JP2003515688A (en) * 1999-11-30 2003-05-07 ボーディング データ エーエス Electronic key device, system, and method for managing electronic key information
US6971016B1 (en) * 2000-05-31 2005-11-29 International Business Machines Corporation Authenticated access to storage area network
US20030028664A1 (en) * 2001-08-02 2003-02-06 Kaijun Tan Method and system for secure distribution and utilization of data over a network
EP1324276B1 (en) * 2001-12-28 2008-10-15 Matsushita Electric Works, Ltd. Use of an electronic key and electronic security system
CA2516704C (en) * 2003-02-21 2012-07-31 Ge Interlogix, Inc. Key control with real time communications to remote locations
US6885738B2 (en) * 2003-02-25 2005-04-26 Bellsouth Intellectual Property Corporation Activation of electronic lock using telecommunications network
US20050138365A1 (en) * 2003-12-19 2005-06-23 Bellipady Guruprashanth A. Mobile device and method for providing certificate based cryptography
JP4794560B2 (en) * 2004-08-31 2011-10-19 株式会社エヌ・ティ・ティ・ドコモ Cryptographic digital certificate revocation
US20070176739A1 (en) * 2006-01-19 2007-08-02 Fonekey, Inc. Multifunction keyless and cardless method and system of securely operating and managing housing facilities with electronic door locks
US20070271596A1 (en) * 2006-03-03 2007-11-22 David Boubion Security, storage and communication system
SE529849C2 (en) * 2006-04-28 2007-12-11 Sics Swedish Inst Of Comp Scie Access control system and procedure for operating the system
SE531723C2 (en) * 2006-12-20 2009-07-21 Phoniro Ab Access control system, lock device, management device and associated methods and computer software products
US20090113543A1 (en) * 2007-10-25 2009-04-30 Research In Motion Limited Authentication certificate management for access to a wireless communication device
WO2009125830A1 (en) 2008-04-10 2009-10-15 日本電気株式会社 Information leak prevention device, and method and program thereof
US8631488B2 (en) * 2008-08-04 2014-01-14 Cupp Computing As Systems and methods for providing security services during power management mode
WO2010038650A1 (en) * 2008-09-30 2010-04-08 日本電気株式会社 Mobile terminal execution function managing system, method, and program
US8797138B2 (en) * 2009-01-13 2014-08-05 Utc Fire & Security Americas Corporation, Inc. One-time access for electronic locking devices
CN101482987B (en) * 2009-01-19 2010-07-14 苏州工业园区新海宜电信发展股份有限公司 Central control and management method for outdoor communication machine room door based on communication network
US8521809B2 (en) 2009-07-31 2013-08-27 Z2Live, Inc. Mobile device notification controls system and method
ES2428004T3 (en) * 2009-09-16 2013-11-05 Openways Sas Secured digital control locks management system, adapted to operation through encrypted acoustic accreditations
KR20110117560A (en) * 2010-04-21 2011-10-27 삼성전자주식회사 System and method for providing automatically update
US20130117831A1 (en) * 2010-04-30 2013-05-09 Lock Box Pty Ltd Method and system for enabling computer access
US9042873B2 (en) * 2010-06-07 2015-05-26 Intelligent Mechatronic Systems Inc. On the road groups
US9961550B2 (en) * 2010-11-04 2018-05-01 Itron Networked Solutions, Inc. Physically secured authorization for utility applications
US8689297B2 (en) 2010-11-19 2014-04-01 Blackberry Limited System, devices and method for secure authentication
US20140002236A1 (en) * 2010-12-02 2014-01-02 Viscount Security Systems Inc. Door Lock, System and Method for Remotely Controlled Access
EP2500872A1 (en) * 2011-03-08 2012-09-19 Openways Sas Secured method for controlling the opening of locking devices by means of a communication object such as a mobile phone
US8417233B2 (en) * 2011-06-13 2013-04-09 Mercury Mobile, Llc Automated notation techniques implemented via mobile devices and/or computer networks
US20130335193A1 (en) * 2011-11-29 2013-12-19 1556053 Alberta Ltd. Electronic wireless lock
US8712394B2 (en) * 2011-12-14 2014-04-29 Blackberry Limited Systems, methods, and apparatus to prepare a mobile device for provisioning
WO2013123079A1 (en) * 2012-02-13 2013-08-22 Xceedid Corporation Credential management system
US9202086B1 (en) * 2012-03-30 2015-12-01 Protegrity Corporation Tokenization in a centralized tokenization environment
US20130342314A1 (en) * 2012-06-22 2013-12-26 Gun Chen Smart lock structure and operating method thereof
KR101938332B1 (en) * 2012-07-11 2019-01-14 캠프모바일 주식회사 Method, service server, mobile phone and computer readable recording medium for mobile phone authentication
US9043609B2 (en) * 2012-07-19 2015-05-26 Bank Of America Corporation Implementing security measures for authorized tokens used in mobile transactions
PL2885904T3 (en) * 2012-08-03 2018-09-28 Vasco Data Security International Gmbh User-convenient authentication method and apparatus using a mobile authentication application
US9472034B2 (en) 2012-08-16 2016-10-18 Schlage Lock Company Llc Electronic lock system
US8769651B2 (en) * 2012-09-19 2014-07-01 Secureauth Corporation Mobile multifactor single-sign-on authentication
US9260885B2 (en) * 2012-10-19 2016-02-16 Brian Asquith Theft deterrent lock
US9009653B2 (en) * 2013-02-28 2015-04-14 Tata Consultancy Services Limited Identifying quality requirements of a software product
US9432361B2 (en) * 2013-03-13 2016-08-30 Lookout, Inc. System and method for changing security behavior of a device based on proximity to another device
US9712601B2 (en) * 2013-07-22 2017-07-18 International Business Machines Corporation Cloud-connectable middleware appliance
US9779224B2 (en) * 2014-05-05 2017-10-03 Securekey Technologies Inc. Methods and systems for client-enhanced challenge-response authentication
CA3030129C (en) * 2014-06-02 2021-11-23 Schlage Lock Company Llc Electronic credential management system
US9600949B2 (en) * 2014-07-30 2017-03-21 Master Lock Company Llc Wireless key management for authentication

Also Published As

Publication number Publication date
MX2016016008A (en) 2017-05-30
CA3030129A1 (en) 2015-12-10
US11023875B2 (en) 2021-06-01
US20190239079A1 (en) 2019-08-01
EP3149573A4 (en) 2017-11-22
CN106662991B (en) 2019-07-09
CA3030129C (en) 2021-11-23
EP3149573A1 (en) 2017-04-05
CA2954758C (en) 2019-03-12
CN106662991A (en) 2017-05-10
MX361983B (en) 2018-12-19
US20150350913A1 (en) 2015-12-03
CN110264182A (en) 2019-09-20
WO2015187707A1 (en) 2015-12-10
CA2954758A1 (en) 2015-12-10
MX2018016420A (en) 2021-08-13

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant